Add ALB

modules/alb/main.tf

@@ -0,0 +1,61 @@
+resource "aws_security_group" "this" {
+  name = "demo-app-alb-sg"
+
+  vpc_id = var.VPC_ID
+
+  ingress {
+    description = "HTTP"
+    from_port   = 80
+    to_port     = 80
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+}
+
+resource "aws_lb" "this" {
+  name               = "demo-app-alb"
+  
+  internal           = false
+  load_balancer_type = "application"
+  security_groups    = [aws_security_group.this.id]
+  subnets            = var.ALB_SUBNETS_IDS
+
+  tags = {
+    Project = var.PROJECT_TAG
+  }
+}
+
+resource "aws_lb_target_group" "this" {
+  name     = "demo-app-alb-tg"
+  port     = 80
+  protocol = "HTTP"
+  vpc_id   = var.VPC_ID
+
+  health_check {
+    protocol            = "HTTP"
+    port                = 80
+    path                = "/healthcheck.html"
+    healthy_threshold   = 2
+    unhealthy_threshold = 2
+    interval            = 90
+    timeout             = 20
+  }
+}
+
+resource "aws_lb_listener" "this" {
+  load_balancer_arn = aws_lb.this.arn
+  port              = 80
+  protocol          = "HTTP"
+
+  default_action {
+    target_group_arn = aws_lb_target_group.this.arn
+    type             = "forward"
+  }
+}

modules/alb/outputs.tf

@@ -0,0 +1,3 @@
+output "alb_tg" {
+  value = aws_lb_target_group.this
+}

modules/alb/variables.tf

@@ -0,0 +1,11 @@
+variable "VPC_ID" {
+  type = string
+}
+
+variable "PROJECT_TAG" {
+  type = string
+}
+
+variable "ALB_SUBNETS_IDS" {
+  type = list(string)
+}

modules/app/main.tf

@@ -27,14 +27,6 @@ resource "aws_security_group" "this" {
     cidr_blocks = ["0.0.0.0/0"]
   }
 
-  ingress {
-    description = "HTTPS"
-    from_port   = 443
-    to_port     = 443
-    protocol    = "tcp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
   egress {
     from_port   = 0
     to_port     = 0
@@ -72,6 +64,7 @@ resource "aws_autoscaling_group" "this" {
   vpc_zone_identifier       = var.VPC_SUBNETS_IDS
   health_check_type         = "ELB"
   health_check_grace_period = "90"
+  target_group_arns         = var.ALB_TARGET_GROUP_ARNS
 
   tag {
     key                 = "Name"

modules/app/variables.tf

@@ -27,4 +27,9 @@ variable "ASG_MIN_SIZE" {
 
 variable "ASG_MAX_SIZE" {
   type = number
+}
+
+# ALB
+variable "ALB_TARGET_GROUP_ARNS" {
+  type = list(string)
 }

prod/main.tf

@@ -12,8 +12,8 @@ module "vpc" {
   cidr = var.DEMO_VPC_CIDR
 
   azs             = var.DEMO_VPC_AVAILABILITY_ZONES
-  private_subnets = var.DEMO_VPC_PRIVATE_SUBNET_CIDRS
-  public_subnets  = var.DEMO_VPC_PUBLIC_SUBNET_CIDRS
+  private_subnets = var.DEMO_VPC_PRIVATE_SUBNETS_CIDRS
+  public_subnets  = var.DEMO_VPC_PUBLIC_SUBNETS_CIDRS
 
   enable_nat_gateway     = true
   single_nat_gateway     = true
@@ -52,6 +52,15 @@ module "bastion_host" {
   EC2_KEY_NAME      = var.DEMO_BASTION_HOST_KEY_NAME
 }
 
+# Create ALB
+module "alb" {
+  source = "../modules/alb"
+
+  VPC_ID = module.vpc_data.vpc.id
+  PROJECT_TAG = var.PROJECT_TAG
+  ALB_SUBNETS_IDS = module.vpc_data.public_subnets.ids
+}
+
 # Create demo app
 module "app" {
   source = "../modules/app"
@@ -65,4 +74,6 @@ module "app" {
 
   ASG_MIN_SIZE = var.DEMO_APP_ASG_MIN_SIZE
   ASG_MAX_SIZE = var.DEMO_APP_ASG_MAX_SIZE
+
+  ALB_TARGET_GROUP_ARNS = [module.alb.alb_tg.arn]
 }

prod/variables.tf

@@ -22,11 +22,11 @@ variable "DEMO_VPC_AVAILABILITY_ZONES" {
   type = list(string)
 }
 
-variable "DEMO_VPC_PRIVATE_SUBNET_CIDRS" {
+variable "DEMO_VPC_PRIVATE_SUBNETS_CIDRS" {
   type = list(string)
 }
 
-variable "DEMO_VPC_PUBLIC_SUBNET_CIDRS" {
+variable "DEMO_VPC_PUBLIC_SUBNETS_CIDRS" {
   type = list(string)
 }